30 Days of Security Testing – Day Twenty-Five

The challenge for Day Twenty-Five is – Find and use a mobile security tool.

I’ve heard mixed responses about mobile security applications, on one hand I’ve heard that Lookout is a good antivirus application – I used it on my first smartphone, a Galaxy S many many moons ago, but managed to brick it – most likely down to me fiddling with settings than contracting a virus.

On the other hand I’ve heard from other people much more clued up than I am that mobile antivirus is a waste of time and can actually leave your phone more vulnerable by opening parts of the phone that would otherwise be closed.  I’m not really sure either way.

So, rather than talk about antivirus software, I’ll look into privacy and anonymity in using an android phone (sorry if you have an iPhone, I’ve never owned one).


It seems almost every day we’re met with breaking news about a data breach where thousands if not millions of people have had their data leaked or sold without their knowledge.

With sites and organisations such as Facebook and Google monitoring peoples movements online and profiting from selling this data to advertisers, it’s useful to know that there are ways to help cover your tracks online.

  • Don’t like Google knowing what apps you’re interested in when you use the Play Store?

Consider installing F-Droid an app store for independent open source apps

  • Like the idea of browser apps that limit trackers, block ads and clear the history/cache when you close them? – consider Firefox Focus or DuckDuckGo

If you want to go a step even further you can browse the internet using the Tor network by installing Orbot and Orfox on your handset.   This is a massive step in being anonymous online – tinfoil hats are optional.  Be aware that the trade-off for using Tor vs browsing the internet using conventional methods is a noticeable decline in browsing speed.  Tor isn’t designed to be fast, it’s designed to be secure.

As more and more servers come online for Tor it has the capacity to be faster, but at present if you want to use the internet to stream video etc you might find Tor to be a bit slow.

  • Like the idea of encrypted messaging and email? This will help your messages from being intercepted by others

Consider using Signal or Whatsapp for instant messaging, and Tutanota for email

One last app I found earlier today sounds really interesting, it’s currently in beta and is called Bouncer.

Bouncer is an app permission manager, which allows apps the permissions they require, but only while they are active.  This appears to be a double edged blade in protecting your privacy while apps are closed, and extending your phones battery life by running fewer processes while apps are closed.

I’ve only just downloaded Bouncer now to have a look, but so far so good 🙂


 

Thanks for reading my post and following my progress through the 30 Days of Security Testing.

For more on Security Testing please visit here  or any of my other ramblings visit here

Feel like joining in? Sign into the WeTest Slack group and get involved!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: